Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 374623 (CVE-2010-3762)

Summary: net-dns/bind-9.7.2_P2: DoS (CVE-2010-3762)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: idl0r
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.isc.org/software/bind/advisories/CVE-2010-3762
Whiteboard: B4 [glsa]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2011-07-10 00:42:33 UTC 
CVE-2010-3762 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3762):
  ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not
  properly handle certain bad signatures if multiple trust anchors exist for a
  single zone, which allows remote attackers to cause a denial of service
  (daemon crash) via a DNS query.


Opened for tracking purposes.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2011-07-10 00:45:16 UTC 
Added to existing GLSA.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2012-06-02 14:00:06 UTC 
This issue was resolved and addressed in
 GLSA 201206-01 at http://security.gentoo.org/glsa/glsa-201206-01.xml
by GLSA coordinator Stefan Behte (craig).